ETSI TS 102 640-6-1 V1.1.1 (2011-09)

Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 6: Interoperability Profiles; Sub-part 1: REM-MD UPU PReM Interoperability Profile

Technical Specification

Reference: DTS/ESI-000069-2

Keywords: e-commerce, electronic signature, email, security, trust services

ETSI
650 Route des Lucioles, F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2011. All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPP™ and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association.

Contents

Intellectual Property Rights
Foreword
Introduction
1 Scope
2 References
2.1 Normative references
2.2 Informative references
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 General requirements
4.1 Compliance requirements
5 Mapping of terms and definitions
6 Mapping of boundary roles
7 Functional GAP analysis between REM and PReM
8 High level definition of the inter-communication flows between REM and PReM
8.1 Agreements
8.2 Operational scenario
9 Mapping of exchanged formats
10 Mapping of evidence names and semantics
11 Mapping of protocol elements
11.1 Enveloping REM Dispatch in PReM Web Service business payload
11.2 PReM Designated Operators - relay Web Service Interface
11.2.1 SendMessageToDestination
11.2.1.1 Mapping of fields during a REM → PReM flow
11.2.1.2 Mapping of fields during a PReM → REM flow
11.2.2 SubscribeNotification
11.2.2.1 Mapping of fields during a REM → PReM flow
11.2.2.2 Mapping of fields during a PReM → REM flow
11.2.3 UnsubscribeNotification
11.2.4 ReceiveNotification
11.2.4.1 Mapping of fields during a REM → PReM flow
11.2.4.2 Mapping of fields during a PReM → REM flow
11.2.5 RejectMessage
11.2.5.1 Mapping of evidence during a REM → PReM flow
11.2.5.2 Mapping of evidence during a PReM → REM flow
12 Definition of mutual recognition system based on ETSI-TSL and UPU-Designated Operator Trusted List
12.1 Scheme information section
12.2 List of Trust Service Providers section
12.3 Trusted Service information section
12.4 Trusted Service approval history section
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://ipr.etsi.org).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI).

The present document is part 6, sub-part 1 of a multi-part deliverable. Full details of the entire series can be found in part 1 [1].

Introduction

The summarised scope of each part and sub-part can be found in part 1 [1] of this multi-part deliverable.

1 Scope

The present document specifies requirements for achieving interoperability between the Registered Electronic Mail systems that are compliant with TS 102 640 (REM henceforth) specification [1] to [3] and systems that are compliant with UPU S52-1 UPU Postal Registered electronic Mail functional specification (PReM henceforth) [4].

The approach used for this purpose is to define all the necessary mappings between the two specifications taking into account also the objective to maintain and preserve the positive features present in both the realities as pursued in the Technical Specifications.

The present document is structured as follows:

Clause 4: General requirements.
Clause 5: Mapping of terms and definitions among REM and PReM.
Clause 6: Mapping of boundary roles.
Clause 7: Functional GAP analysis between REM and PReM.
Clause 8: High level definition of the inter-communication flows between REM and PReM.
Clause 9: Mapping of exchanged formats (structure of messages, attachments, signature etc).
Clause 10: Mapping of evidence names and semantics.
Clause 11: Mapping of protocol elements.
Clause 12: Definition of mutual recognition system based on ETSI-TSL and UPU-Designated Operator Trusted List.

2 References

References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies.

Referenced documents which are not found to be publicly available in the expected location might be found at http://docbox.etsi.org/Reference.

NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity.

2.1 Normative references

The following referenced documents are necessary for the application of the present document.

[1] ETSI TS 102 640-1: "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 1: Architecture".
[2] ETSI TS 102 640-2: "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 2: Data requirements, Formats and Signatures for REM".
[3] ETSI TS 102 640-5: "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 5: REM-MD Interoperability Profiles".
[4] UPU S52-1: "Functional specification for postal registered electronic mail".
NOTE: The present document has been produced on the version 1 of the aforementioned UPU specification.
[5] ETSI TS 102 231: "Electronic Signatures and Infrastructures (ESI); Provision of harmonized Trust-service status information".

2.2 Informative references

The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area.

[i.1] ETSI TS 102 640-3: "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 3: Information Security Policy Requirements for REM Management Domains".
[i.2] ETSI TS 102 640-4: "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 4: REM-MD Conformance Profiles".
[i.3] ETSI TS 102 640-6-2: "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 6: Interoperability profiles; Sub-part 2: REM-MD BUSDOX Interoperability Profile".
[i.4] ETSI TS 102 640-6-3: "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 6: Interoperability profiles; Sub-part 3: REM-MD SOAP Binding Profile".
[i.5] IETF RFC 5321: "Simple Mail Transfer Protocol".
[i.6] IETF RFC 5322: "Internet Message Format".
[i.7] IETF RFC 5751: "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification".
[i.8] ISO 3166-1: "Codes for the representation of names of countries and their subdivisions - Part 1: Country codes".
[i.9] ISO/IEC 27001:2005: "Information technology - Security techniques - Information security management systems - Requirements".

3 Definitions and abbreviations

3.1 Definitions

For the purposes of the present document, the terms and definitions given in TS 102 640-1 [1] to TS 102 640-5 [3], TS 102 231 [5], UPU S52-1 [4] and the following apply:

REM/PReM Gateway: set of technical and physical components, policies and processes that provide the Gateway service among REM network and UPU/PReM network

NOTE: A REM/PReM Gateway may be a sub-service/module of a REM-MD or to be separated service.

Throughout the present document a number of verbal forms are used, whose meaning is defined below:

shall, shall not: indicate requirements strictly to be followed in order to conform to the present document and from which no deviation is permitted.
should, should not: indicate that among several possibilities one is recommended as particularly suitable, without mentioning or excluding others, or that a certain course of action is preferred but not necessarily required, or that (in the negative form) a certain possibility or course of action is deprecated but not prohibited.
may, need not: indicate a course of action permissible within the limits of the present document.

3.2 Abbreviations

For the purposes of the present document, the following abbreviations apply:

DO Designated Operator
NOTE: Definition in UPU S52-1 [4].

4 General requirements

This clause describes the tools and the formalities used for defining the profile in the present document.

4.1 Compliance requirements

Requirements are grouped in three different categories, each one having its corresponding identifier. Table 1 defines these categories and their identifiers.

Table 1: Requirements categories

Identifier   Requirement to implement
M            System shall implement the element.
R            System should implement the element.
O            System may implement the element.

All the requirements of Table 8, Table 9, Table 11, Table 12 and Table 15 will be defined as follows.

Table 2: Requirements template

N | Service / Protocol element | TS reference | Requirement | Implementation guidance | Notes

Column N will identify a unique number for the requirements. This number will start from 1 in each clause. The eventual references to it would also include the clause number to avoid any ambiguity.

Column Service / Protocol element will identify the service element or protocol element the requirement applies to.

Column TS Reference will reference the relevant clause of the standard where the element is defined. The reference is to TS 102 640-1 [1], TS 102 640-2 [2], TS 102 640-3 [i.1], TS 102 640-4 [i.2], TS 102 640-5 [3] or PReM UPU [4] specification except where explicitly indicated otherwise.

Column Requirement will contain an identifier, as defined in Table 1.

Column Implementation guidance will contain letters referencing explanation of the requirement.

Column Notes will contain additional notes as informative text to the requirement.

5 Mapping of terms and definitions

In Table 3 a mapping among the main terms and definitions used in REM Technical specifications [1], [2], [i.1], [i.2], [3] and equivalent terms used in PReM UPU [4] specification is provided. An empty cell means that the corresponding specification does not define an equivalent term of the one shown in the same row and defined in the other specification.

Table 3: Mapping of definitions

Columns: ETSI REM definitions; UPU PReM definitions

certification authority information security policy Information Security Management System long term storage message archive Message Store + Evidence Store original message PReM Object REM-MD repository Directory Server+Evidence Store+Message Store Registered E-Mail Postal Registered eMail REM dispatch PReM Message REM Management Domain Designated Operator REM-MD envelope Signed part of PReM Message REM-MD evidence Evidence REM-MD Evidence Provider Designated Operator REM-MD Evidence Verifier Designated Operator REM-MD Message PReM Message REM-MD Message Gateway Designated Operator REM-MD Message Transfer Agent REM-MD Repository Retrieval Interface REM-MD Sender Message Submission Interface REM-MD Third Party Evidence Retrieval Interface REM Message Store Message Store REM Object PReM Object or PReM Message or PReM Dispatch REM Objects Relay Interface REM User Agent (REM-UA) Web-browser/email client software REM Policy PReM policy REM Policy Domain UPU PReM group REM Policy Domain Authority UPU REM Recipient Addressee / Mailee REM Sender Mailer REM Third Party Authorized party Signature Creation Server Time-Stamping Authority Time-Stamp Token Notification Designated Operator Trust List

6 Mapping of boundary roles

For the purposes of the present document only the boundary elements of both systems shall be considered. In particular, as outlined in Figure 1, the main roles involved in the interactions are: REM-MDs, Designated Operators, Trusted Lists. A new element is needed to cover the gap between the two systems: it is called REM/PReM Gateway.

The REM/PReM Gateway shall act with double role: it shall be considered as a generic REM-MD when the intercommunication is between REM network ↔ REM/PReM Gateway; in a similar way, the REM/PReM Gateway shall be considered as one of the Designated Operators of the UPU/PReM network when the intercommunication is between REM/PReM Gateway ↔ PReM network.

7 Functional GAP analysis between REM and PReM

The main differences between the functional aspects of ETSI REM and UPU PReM will be identified in this clause by comparing, when possible, the similar aspects of the two systems under analysis. The format of